Computer Science > Cryptography and Security

Title:Trojan of Things: Embedding Malicious NFC Tags into Common Objects

Abstract: We present a novel proof-of-concept attack named Trojan of Things (ToT),
which aims to attack NFC- enabled mobile devices such as smartphones. The key
idea of ToT attacks is to covertly embed maliciously programmed NFC tags into
common objects routinely encountered in daily life such as banknotes, clothing,
or furniture, which are not considered as NFC touchpoints. To fully explore the
threat of ToT, we develop two striking techniques named ToT device and Phantom
touch generator. These techniques enable an attacker to carry out various
severe and sophisticated attacks unbeknownst to the device owner who
unintentionally puts the device close to a ToT. We discuss the feasibility of
the attack as well as the possible countermeasures against the threats of ToT
attacks.